fix: throw exception on invalid IAM Authn config (#1082)

Author: shubha-rajan

core/src/main/java/com/google/cloud/sql/core/CloudSqlInstance.java

@@ -459,6 +459,16 @@ private SslData createSslData(
  }
  }
 
+ static void checkDatabaseCompatibility(ConnectSettings instanceMetadata, boolean iamAuth,
+ String connectionName) {
+ if (iamAuth && instanceMetadata.getDatabaseVersion().contains("SQLSERVER")) {
+ throw new IllegalArgumentException(
+ String.format(
+ "[%s] IAM Authentication is not supported for SQL Server instances.",
+ connectionName));
+ }
+ }
+
  /**
  * Fetches the latest version of the instance's metadata using the Cloud SQL Admin API.
  */
@@ -482,6 +492,9 @@ private Metadata fetchMetadata() {
  + "instance.",
  connectionName));
  }
+ 
+ checkDatabaseCompatibility(instanceMetadata, enableIamAuth, connectionName);
+
 
  // Verify the instance has at least one IP type assigned that can be used to connect.
  if (instanceMetadata.getIpAddresses().isEmpty()) {

core/src/test/java/com/google/cloud/sql/core/CloudSqlInstanceTest.java

@@ -20,6 +20,7 @@
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
+import com.google.api.services.sqladmin.model.ConnectSettings;
 import com.google.auth.oauth2.GoogleCredentials;
 import com.google.auth.oauth2.OAuth2Credentials;
 import java.io.IOException;
@@ -42,11 +43,15 @@ public class CloudSqlInstanceTest {
  @Mock
  private OAuth2Credentials oAuth2Credentials;
 
+ @Mock
+ private ConnectSettings instanceData;
+
  @Before
  public void setup() throws IOException {
  MockitoAnnotations.openMocks(this);
  when(googleCredentials.createScoped(
  "https://www.googleapis.com/auth/sqlservice.login")).thenReturn(scopedCredentials);
+ when(instanceData.getDatabaseVersion()).thenReturn("SQLSERVER_2019_STANDARD");
  }
 
  @Test
@@ -69,5 +74,19 @@ public void throwsErrorForWrongCredentialType() {
  }
  }
 
+ @Test
+ public void throwsErrorIamAuthNotSupported() {
+ Boolean enableIamAuth = true;
+ String connName = "my-project:region:my-instance";
+
+ try {
+ CloudSqlInstance.checkDatabaseCompatibility(instanceData, enableIamAuth, connName);
+ } catch (IllegalArgumentException ex) {
+ assertThat(ex)
+ .hasMessageThat()
+ .contains("[my-project:region:my-instance] " +
+ "IAM Authentication is not supported for SQL Server instances");
+ }
+ }
 
 }